<?php

namespace APP\Ctrl;
use CMS\Ctrl as Base;
use CMS\Helper as Helper;

class Profile extends Base {
	// construct
	public function run() {
		// manage uri paths
		if(count($this->uri) > 0) {
			@list($func, $id) = $this->uri;
			$this->$func($id ? $id : '0-null');
		} else $this->index();
	}

	// index page
	public function index() {
		$this->view->func = 'index';

		// not logged in?
		if(!isset($this->session->auth))
			die(new Login(false, array('type' => 'warning', 'text' => 'Please login before accessing this page')));

		// load profile
		$this->view->data = $this->profile($this->session->auth['id']);

		// set path
		$this->view->path = array(
			'func' => 'view',
			'id' => $this->session->auth['id']
		);
	}

	// view profile page
	public function view($id) {
		$this->view->func = 'view';

		// prepare vars
		$id = explode("-", $id, 2);
		$id = $this->db->escapeString((int)reset($id));

		// my profile from a distance? :P
		if(isset($this->session->auth) && $this->session->auth['id'] == $id)
			$this->view->func = 'index';

		// load profile
		$this->view->data = $this->profile($id);

		// set title
		if(!(isset($this->session->auth) && $this->session->auth['id'] == $id))
			$this->view->title = $this->settings['blizz_guild'] . ' - Roster / ' . $this->view->data['name'];

		// set path
		$this->view->path = array(
			'func' => 'view',
			'id' => $id
		);
	}

	// load the profile
	private function profile($id) {
		// get user
		$res = $this->db->querySingle("SELECT
			a.id, a.password, a.name, a.email, x.name AS rank,
			COUNT(DISTINCT t.id) AS topics,
			COUNT(DISTINCT r.id) AS replies

			FROM users AS a
			LEFT JOIN ranks AS x ON a.rank = x.id
			LEFT JOIN topics AS t ON a.id = t.author
			LEFT JOIN replies AS r ON a.id = r.author AND r.starter = 0

		WHERE a.id = '{$id}'
		GROUP BY a.id", true);
		if(!$res)
			die(new Error());

		// prepare data
		$res['link'] = $res['id'] . '-' . Helper::generate_named_id($res['name']);
		$res['avatar'] = md5(strtolower($res['email']));
		$res['matrix'] = Helper::hide_email($res['email']);

		// return
		return $res;
	}

	// change password
	public function password() {
		$this->view->func = 'password';

		// not logged in?
		if(!isset($this->session->auth))
			die(new Login(false, array('type' => 'warning', 'text' => 'Please login before accessing this page')));

		// load profile
		$result = $this->profile($this->session->auth['id']);

		// send to view
		$this->view->data = $result;

		// set title
		$this->view->title .= ' / Change Password';

		// set path
		$this->view->path = array(
			'func' => $this->view->func
		);
	}

	// ajax check old password
	public function check() {
		// get from post
		$password = $this->request->post('old');
		if(is_null($password))
			return $this->json = array('success' => false);

		// process vars
		$password = md5(sha1($password . SALT1) . SALT2);

		// check for password
		if($this->session->auth['password'] != $password)
			return $this->json = array('success' => false);

		// here? then by all means you have passed
		return $this->json = array('success' => true);
	}

	// ajax change password
	public function change() {
		// get from post
		$old = $this->request->post('old');
		$password = $this->request->post('password');
		if(is_null($old) || is_null($password))
			return $this->json = array('success' => false);

		// process vars
		$old = md5(sha1($old . SALT1) . SALT2);
		$password = md5(sha1($password . SALT1) . SALT2);

		// match against db
		$result = $this->db->querySingle("SELECT id, name, email FROM users WHERE id = '{$this->session->auth['id']}' AND password = '{$old}'", true);
		if(!$result)
			return $this->json = array('success' => false);

		// update password
		$this->db->exec("UPDATE users SET password='{$password}' WHERE id = '{$result['id']}'");

		// send a nice email :)
		$eml = Helper::load_email('password.txt', $result['name'], URL . 'forgot', $this->settings['blizz_guild']);
		if($eml)
			$this->email->send($result['email'], $result['name'], $eml);

		// update cookie
		if(isset($this->cookie->auth))
			$this->cookie->auth = base64_encode($password . $result['id']);

		// yay success
		return $this->json = array('success' => true);
	}
}